Update setuptools to address package_index vulnerability (#52)

* Update setuptools to v70 to address a security issue * Fix changelog * Update also the loqusdb version to use * Update changelog * Update changelog --------- Co-authored-by: Chiara Rasi <rasi.chiara@gmacil.com>
Clinical-Genomics · Jul 17, 2024 · c0a6042 · c0a6042
1 parent b2795df
commit c0a6042
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,14 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [0.1.14]
+### Fixed
+- Update to setuptools >= v.70 to address a security issue in the `package_index` module
+
+## [0.1.13]
+### Fixed
+- Updated issue template
+
 ## [0.1.12]
 ### Fixed
 -  Modified Docker files to use python:3.9-slim-bullseye to prevent gunicorn workers booting error

diff --git a/requirements.txt b/requirements.txt
@@ -1,5 +1,5 @@
 pytest==5.4.3
-loqusdb>=2.7.3
+loqusdb>=2.7.7
 cyvcf2==0.30.12
 mongomock
 click==7.1.2
@@ -8,7 +8,7 @@ numpy==1.21.4
 coloredlogs==14.0
 pyyaml>=5.4.1
 vcftoolbox==1.5
-setuptools
+setuptools>=70.0.0
 fastapi==0.61.2
 pydantic==1.7.2
 starlette==0.13.6